The following vulnerability is my second BSQLI => RCE in Flickr.
After discovering BSQLI in Flickr I said if I worked with my hand it will take along time to extract a good proof of concept [like root (DBA) password , tables ….. etc] . So I decided to add a new feature to Sculptor application [www.sculptordev.com] and the feature is Allow Cookies/Sessions …. which allows exploiting SQLI in the sites which requires logging/sessions.
So I wrote a code to allow cookies/sessions and the estimation time was less than manual exploit.
To download a new release of Sculptor (V1.1) and more information: www.sculptordev.com
Here is the proof of concept video